[SCM] GNU gnutls branch, master, updated. gnutls_3_0_21-62-g443d501
From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_21-62-g443d501
Date: Fri, 20 Jul 2012 22:54:00 +0000
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=443d50192733f4d85ba87f5622c08b54ba5b9fd7
The branch, master has been updated
via 443d50192733f4d85ba87f5622c08b54ba5b9fd7 (commit)
from 60d256bcfb174f3393a890c0dde761f49c5af619 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 443d50192733f4d85ba87f5622c08b54ba5b9fd7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Jul 21 00:53:29 2012 +0200
Increase the entropy of TPM when generating keys.
When generating a key in TPM provide it with some randomness
using Tspi_TPM_StirRandom(). Suggested by Carolin Latze.
-----------------------------------------------------------------------
Summary of changes:
lib/tpm.c | 27 +++++++++++++++++++++++++++
1 files changed, 27 insertions(+), 0 deletions(-)
diff --git a/lib/tpm.c b/lib/tpm.c
index c6d22d0..2c00787 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -1178,6 +1178,8 @@ TSS_HPOLICY key_policy;
gnutls_pubkey_t pub;
struct tpm_ctx_st s;
TSS_FLAG storage_type;
+TSS_HTPM htpm;
+uint8_t buf[32];
if (flags & GNUTLS_TPM_KEY_SIGNING)
tpm_flags |= TSS_KEY_TYPE_SIGNING;
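Review bot: the added `uint8_t buf[32];` uses a bare 32 with nothing to say why that many bytes were chosen as the seed passed to the TPM. A short comment on the declaration, or a named constant, would document the choice and keep the size in one place if it is ever changed.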
@@ -1205,6 +1207,31 @@ TSS_FLAG storage_type;
ret = tpm_open_session(&s, srk_password);
if (ret < 0)
return gnutls_assert_val(ret);
+
+ /* put some randomness into TPM.
+ * Let's not trust it completely.
+ */
+ tssret = Tspi_Context_GetTpmObject(s.tpm_ctx, &htpm);
+ if (tssret != 0)
+ {
+ gnutls_assert();
+ ret = tss_err(tssret);
+ goto err_cc;
+ }
+
+
+ ret = _gnutls_rnd(GNUTLS_RND_RANDOM, buf, sizeof(buf));
+ if (ret < 0)
+ {
+ gnutls_assert();
+ goto err_cc;
+ }
+
+ tssret = Tspi_TPM_StirRandom(htpm, sizeof(buf), buf);
+ if (tssret)
+ {
+ gnutls_assert();
+ }
tssret = Tspi_Context_CreateObject(s.tpm_ctx, TSS_OBJECT_TYPE_RSAKEY,
tpm_flags, &key_ctx);
if (tssret != 0)
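Review bot: the `Tspi_TPM_StirRandom()` failure branch only calls `gnutls_assert()` and then falls through to key creation, while the two checks just above it both `goto err_cc`. If stirring is meant to be best-effort, a comment at that branch should say so; otherwise set `ret = tss_err(tssret);` and `goto err_cc;` as the `Tspi_Context_GetTpmObject()` check does. The test is also written `if (tssret)` where the neighbouring checks use `tssret != 0`, and nothing in the visible lines clears `buf` once it has been handed to the TPM.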
hooks/post-receive
--
GNU gnutls